CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Adds Aquasecurity Trivy Scanner Vulnerability to KEV Catalog
CISA has officially added a critical vulnerability affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-33634, this alarming security flaw p ...
-
The Hacker News
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. Th ...
-
Daily CyberSecurity
Critical 9.4 CVSS RCE Flaws in n8n Turn Workflows into Backdoors
Security researchers have disclosed two critical vulnerabilities in n8n, the popular fair-code workflow automation platform used by technical teams to bridge the gap between low-code speed and full-co ...
-
Daily CyberSecurity
Critical 9.8 CVSS Flaw in Pharos Mosaic Controllers Grants Root Access to Unauthenticated Attackers
A security advisory has been issued by CISA regarding a critical vulnerability discovered in Pharos Controls’ Mosaic Show Controller firmware. The flaw, which carries a severity CVSS score of 9.8, cou ...
-
TheCyberThrone
CISA adds Langflow and Trivy bugs to KEV Catalog
Langflow Code Injection Flaw Actively Exploited — CVE-2026-33017CISA has added a critical code injection vulnerability in Langflow to its Known Exploited Vulnerabilities catalog, confirming active exp ...
-
Daily CyberSecurity
Critical 9.3 CVSS Auth Bypass and XSS Flaws Hit MantisBT
Security researchers have identified a trio of significant vulnerabilities within MantisBT, the popular open-source issue tracking system used by teams worldwide for project collaboration. The flaws r ...
-
cert.pl
Vulnerabilities in Bludit software
Vulnerabilities in Bludit software CVE ID CVE-2026-25099 Publication date 27 March 2026 Vendor Bludit Product Bludit Vulnerable versions All before 3.18.4 Vulnerability type (CWE) Unrestricted Upload ...
-
security.nl
Duitse politie bezoekt bedrijven wegens kritieke PTC-kwetsbaarheid
De Duitse politie is afgelopen zaterdag bij meerdere bedrijven in het land langsgegaan om te waarschuwen voor een kritieke kwetsbaarheid in producten van PTC. Sommige systeembeheerders werden in de vr ...
-
Help Net Security
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vul ...
-
CybersecurityNews
Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack
The official Telnyx Python SDK on PyPI was compromised this morning as part of an escalating, weeks-long supply chain campaign orchestrated by the threat actor group TeamPCP. Malicious versions 4.87.1 ...